taskfile.yaml

version: '3'

vars:
  hubbleEnterpriseVersion: 1.11.9
  hubbleUIEnterpriseVersion: 0.28.1

tasks:
  init-linux-tooling:
    platforms: [linux]
    desc: install all needed tools for linux
    cmds:
      - sudo apt update
      - sudo apt install coreutils
      - curl -Lo ./kind https://kind.sigs.k8s.io/dl/v0.22.0/kind-linux-amd64
      - sudo mv ./kind /usr/local/bin/kind
      - sudo curl https://raw.githubusercontent.com/helm/helm/main/scripts/get-helm-3 | bash
      - sudo curl -LO "https://dl.k8s.io/release/$(curl -L -s https://dl.k8s.io/release/stable.txt)/bin/linux/amd64/kubectl"
      - sudo chmod +x ./kubectl 
      - sudo mv ./kubectl /usr/local/bin/kubectl
  
  init-windows-tooling:
    platforms: [windows]
    desc: install all needed tools
    cmds:
      - cmd /c mkdir bin
      - cmd /c $env:path+="$(pwd)\bin"
      - curl -Lo ./bin/kubectl.exe https://dl.k8s.io/release/v1.29.2/bin/windows/amd64/kubectl.exe
      - curl -Lo ./bin/kind.exe https://kind.sigs.k8s.io/dl/v0.22.0/kind-windows-amd64
      - curl -Lo ./bin/helm.zip https://get.helm.sh/helm-v3.14.3-windows-amd64.zip
      - powershell expand-archive ./bin/helm.zip ./bin
      - powershell move-item ./bin/windows-amd64/helm.exe ./bin/helm.exe

  init-update-wsl:
    desc: update wsl
    platforms: [windows]
    cmds: 
      - wsl --update --pre-release

  cluster-create-basic:
    desc: Creates a basic kind cluster with ingress
    output: prefixed
    silent: true
    vars:
      TIMEOUT: 300s
    deps:
      - task: kind-create-cluster
        vars:
          config: ./cluster-config/default.yaml
    cmds:
      - task: deploy-ingress-nginx
      - cmd: echo "cluster deployed"

  cluster-create-cilium-enterprise:
    desc: Creates a cluster with cilium enterprise and ingress
    deps:
      - task: kind-create-cluster
        vars:
          config: ./cluster-config/default-no-cni.yaml
    cmds:
      - task: deploy-cilium-enterprise
      - task: deploy-hubble-enterprise
      - task: deploy-ingress-nginx
      - task: deploy-hubble-ui-enterprise
      - task: show-ingress
    
  deploy-argocd:
    desc: deploys argocd
    silent: true
    vars:
      TIMEOUT: 600s
    deps:
      - task: helm-repos
      - task: kind-use-context
    cmds:
      - helm install argo-cd argo-cd/argo-cd  -n argocd -f ./values/argo-cd.yaml --create-namespace
      - kubectl wait --namespace argocd --for=condition=Ready pod -l="app.kubernetes.io/instance"=argo-cd --timeout=600s
      - task: deploy-argocd-example-apps
      - task: show-ingress
      - task: show-secret
        vars:
          secret: "argocd-initial-admin-secret"
          property: "{.data.password}"
          namespace: "argocd"
          desc: "argo admin password"

  deploy-argo-rollouts:
    desc: deploys argo rollouts
    vars:
      TIMEOUT: 600s
    deps:
      - task: helm-repos
      - task: kind-use-context
    cmds:
      - helm install argo-rollouts argo-cd/argo-rollouts  -n argo-rollouts -f ./values/argo-rollouts.yaml --create-namespace
      - kubectl wait --namespace argo-rollouts --for=condition=Ready pod -l="app.kubernetes.io/instance"=argo-rollouts --timeout=600s
      - task: show-ingress

  deploy-argocd-example-apps:
    desc: deploys the argocd apps and projects
    deps:
      - task: helm-repos
      - task: kind-use-context
    cmds:
      - kubectl apply -f ./argo-resources/projects
      - kubectl apply -f ./argo-resources/applications

  deploy-cert-manager:
    desc: deploys the certificate manager
    deps:
      - task: helm-repos
      - task: kind-use-context
    vars:
      TIMEOUT: 600s
    cmds:
      - kubectl apply -f https://github.com/jetstack/cert-manager/releases/download/v1.3.1/cert-manager.yaml
      - kubectl wait --namespace cert-manager --for=condition=ready pod -l=app.kubernetes.io/instance=cert-manager --timeout={{.TIMEOUT}}

  deploy-cilium-enterprise:
    desc: deploy cilium enterprise
    deps:
      - task: helm-repos
      - task: kind-use-context
    vars:
      TIMEOUT: 600s
      VERSION: 1.14.8
    cmds:
      - kubectl apply -f ./kubernetes/cilium/namespace.yaml
      - helm install cilium-enterprise isovalent/cilium -f ./values/cilium-enterprise.yaml -n cilium-system --version {{.VERSION}}
      - kubectl wait --namespace cilium-system --for=condition=ready pod -l=app.kubernetes.io/part-of=cilium --timeout={{.TIMEOUT}}

  deploy-clickhouse-operator:
    desc: deploy clickhouse operator
    deps:
      - task: helm-repos
      - task: kind-use-context
    vars:
      TIMEOUT: 600s
      VERSION: 0.20.3
    cmds:
      - helm install clickhouse-operator altinity-clickhouse-operator/altinity-clickhouse-operator --wait --namespace clickhouse-operator --create-namespace --set 'operator.env[0].name=WATCH_NAMESPACES,operator.env[0].value=hubble-timescape'
      - kubectl wait --namespace clickhouse-operator --for=condition=ready pod -l=app.kubernetes.io/instance=clickhouse-operator --timeout={{.TIMEOUT}}

  deploy-hubble-enterprise:
    desc: deploy hubble enterprise
    deps:
      - task: helm-repos
      - task: kind-use-context
    vars:
      TIMEOUT: 10m
      VERSION: 1.11.9
    cmds:
      - helm install hubble-enterprise isovalent/hubble-enterprise -f ./values/hubble-enterprise.yaml -n cilium-system --version {{.hubbleEnterpriseVersion}}
      - kubectl wait --namespace cilium-system --for=condition=ready pod -l=app.kubernetes.io/name=hubble-enterprise --timeout={{.TIMEOUT}}

  deploy-hubble-ui-enterprise:
    desc: deploy hubble ui enterprise
    deps:
      - task: helm-repos
      - task: kind-use-context
    vars:
      TIMEOUT: 600s
      VERSION: 0.28.1
    cmds:
      - helm install hubble-ui-enterprise isovalent/hubble-ui -f ./values/hubble-ui-enterprise.yaml -n cilium-system --version {{.hubbleUIEnterpriseVersion}}
      - kubectl wait --namespace cilium-system --for=condition=ready pod -l=k8s-app=hubble-ui --timeout={{.TIMEOUT}}
      - task: show-ingress

  deploy-hubble-timescape:
    desc: deploy hubble timescape
    deps:
      - task: helm-repos
      - task: kind-use-context
    vars:
      TIMEOUT: 600s
      VERSION: 1.2.2
    cmds:
      - task: deploy-minio
      - helm upgrade hubble-enterprise isovalent/hubble-enterprise --wait --version {{.hubbleEnterpriseVersion}} -n cilium-system -f ./values/hubble-enterprise-timescape.yaml 
      - kubectl wait --namespace cilium-system --for=condition=ready pod -l=app.kubernetes.io/name=hubble-enterprise --timeout={{.TIMEOUT}}
      - task: deploy-clickhouse-operator
      - |
        kubectl create namespace hubble-timescape
        kubectl -n hubble-timescape create secret generic hubble-timescape-migrate-creds \
        --from-literal CLICKHOUSE_PASSWORD=migrate-password 
        kubectl -n hubble-timescape create secret generic hubble-timescape-ingester-creds \
        --from-literal AWS_ACCESS_KEY_ID=minio \
        --from-literal AWS_SECRET_ACCESS_KEY=quickstart \
        --from-literal AWS_REGION=dummy \
        --from-literal CLICKHOUSE_PASSWORD=ingester-password
        kubectl -n hubble-timescape create secret generic hubble-timescape-server-creds \
        --from-literal CLICKHOUSE_PASSWORD=server-password
      - helm install hubble-timescape isovalent/hubble-timescape --version {{.VERSION}} --namespace hubble-timescape --values ./values/hubble-timescape.yaml
      - kubectl wait --namespace hubble-timescape --for=condition=ready pod -l=app.kubernetes.io/part-of=hubble-timescape --timeout={{.TIMEOUT}}
      - helm upgrade hubble-ui-enterprise isovalent/hubble-ui --reuse-values --set timescape.enabled=true -n cilium-system --version {{.hubbleUIEnterpriseVersion}}
      - kubectl wait --namespace cilium-system --for=condition=ready pod -l=k8s-app=hubble-ui --timeout={{.TIMEOUT}}
  
  deploy-ingress-nginx:
    desc: deploys the ingress-nginx controller
    deps:
      - task: helm-repos
      - task: kind-use-context
    vars:
      TIMEOUT: 600s
    cmds:
      - helm install ingress-nginx ingress-nginx/ingress-nginx -f ./values/ingress-nginx.yaml -n ingress-nginx --create-namespace
      - kubectl wait --namespace ingress-nginx --for=condition=ready pod -l=app.kubernetes.io/component=controller --timeout={{.TIMEOUT}}

  deploy-metrics-server:
    desc: deploy metrics-server
    deps:
      - task: helm-repos
      - task: kind-use-context
    vars:
      TIMEOUT: 5m
    cmds:
      - helm install metrics-server metrics-server/metrics-server -f ./values/metrics-server.yaml --wait --version 3.12.0 --namespace metrics-server --create-namespace
      - kubectl wait --namespace metrics-server --for=condition=ready pod -l=app.kubernetes.io/name=metrics-server

  deploy-minio:
    desc: deploy minio storrage (S3 compatible blob storage)
    deps:
      - task: helm-repos
      - task: kind-use-context
    vars:
      TIMEOUT: 5m
    cmds:
      - helm install minio-operator minio/operator --wait --version 5.0.5 --namespace minio-operator --create-namespace
      - helm install minio-tenant minio/tenant --wait --version 5.0.5 --namespace minio --create-namespace -f ./values/minio-tenant.yaml
      - kubectl wait --for jsonpath='{.status.currentState}'=Initialized tenants quickstart -n minio --timeout={{.TIMEOUT}}
      - task: show-ingress

  deploy-vpa:
    desc: deploy vpa
    silent: true
    vars:
      TIMEOUT: 600s
    deps:
      - task: deploy-cert-manager
    cmds:
      - task: deploy-metrics-server
      - kubectl apply -f ./kubernetes/vertical-pod-autoscaler
      - kubectl wait --namespace kube-system --for=condition=ready pod -l=app=vpa-recommender --timeout={{.TIMEOUT}}
      - kubectl wait --namespace kube-system --for=condition=ready pod -l=app=vpa-admission-controller --timeout={{.TIMEOUT}}

  deploy-rabbitmq:
    desc: deploy rabbitMQ operator and a rabbitmq cluster
    silent: true
    vars:
      TIMEOUT: 10m
    deps:
      - task: deploy-cert-manager
    cmds:
      - kubectl apply -f https://github.com/rabbitmq/cluster-operator/releases/latest/download/cluster-operator.yml
      - kubectl wait --namespace rabbitmq-system --for=condition=ready pod -l=app.kubernetes.io/name=rabbitmq-cluster-operator
      - kubectl apply -f https://github.com/rabbitmq/messaging-topology-operator/releases/latest/download/messaging-topology-operator-with-certmanager.yaml
      - kubectl wait --namespace rabbitmq-system --for=condition=ready pod -l=app.kubernetes.io/name=messaging-topology-operator
      - kubectl apply -f ./kubernetes/rabbitmq/namespace.yaml
      - kubectl apply -f ./kubernetes/rabbitmq
      - kubectl wait --namespace rabbitmq-cluster --for=condition=ready pod -l=app.kubernetes.io/name=rabbitmq-cluster
      - task: show-ingress
      - task: show-secret
        vars:
          secret: "rabbitmq-cluster-default-user"
          namespace: "rabbitmq-cluster"
          property: "{.data.username}"
          desc: "username:"
      - task: show-secret
        vars:
          secret: "rabbitmq-cluster-default-user"
          namespace: "rabbitmq-cluster"
          property: "{.data.password}"
          desc: "password:"

  deploy-prometheus:
    desc: deploy prometheus stack
    silent: true
    vars:
      TIMEOUT: 600s
    deps:
      - task: kind-use-context
      - task: helm-repos
    cmds:
      - helm install prometheus prometheus-community/kube-prometheus-stack --create-namespace --namespace monitoring -f ./values/prometheus-stack.yaml
      - kubectl wait --namespace monitoring --for=condition=ready pod -l=app.kubernetes.io/instance=prometheus --timeout={{.TIMEOUT}}
      - task: show-ingress
      - task: show-secret
        vars:
          secret: "prometheus-grafana"
          namespace: "monitoring"
          property: "{.data.admin-user}"
          desc: "username:"
      - task: show-secret
        vars:
          secret: "prometheus-grafana"
          namespace: "monitoring"
          property: "{.data.admin-password}"
          desc: "password:"

  demo-argo-rollouts-blue-green:
    desc: deploy argo rolouts blue-green demo
    silent: true
    vars:
      TIMEOUT: 600s
    deps:
      - task: kind-use-context
    cmds:
      - task: deploy-argo-rollouts
      - cmd: kubectl create ns demo-argo-rollouts-bluegreen
      - cmd: kubectl apply -f ./kubernetes/demos/argo-rollouts/blue-green
      - cmd: kubectl wait --namespace demo-argo-rollouts-bluegreen --for=condition=ready pod -l=app=bluegreen-demo  --timeout={{.TIMEOUT}}
      - task: show-ingress

  demo-vertical-pod-autoscaler:
    desc: vpa demo
    vars:
      TIMEOUT: 600s
    deps:
      - task: deploy-vpa
    cmds:
      - kubectl apply -f ./kubernetes/demos/vertical-pod-autoscaler/namespace.yaml
      - kubectl apply -f ./kubernetes/demos/vertical-pod-autoscaler/
      - cmd: kubectl wait --namespace demo-vpa --for=condition=ready pod -l=app=cpu-utilization-app --timeout={{.TIMEOUT}}
      - kubectl get vpa -n demo-vpa
      - echo "kubectl get pods -n demo-vpa --watch"

  demo-wasm:
    desc: wasm demo from github.com/KWasm/kwasm-operator
    vars:
      TIMEOUT: 600s
    deps:
      - task: kind-use-context
      - task: helm-repos
    cmds:
      - helm install -n kwasm --create-namespace kwasm-operator kwasm/kwasm-operator
      - cmd: kubectl wait --namespace kwasm --for=condition=ready pod -l=app.kubernetes.io/name=kwasm-operator  --timeout={{.TIMEOUT}}
      - kubectl annotate node kind-worker2 kwasm.sh/kwasm-node=true
      - kubectl apply -f ./kubernetes/demos/wasm/namespace.yaml
      - kubectl apply -f ./kubernetes/demos/wasm/
      - kubectl apply -f https://raw.githubusercontent.com/KWasm/kwasm-operator/main/examples/kind/runtimeclass.yaml
      - kubectl apply -f https://raw.githubusercontent.com/KWasm/kwasm-operator/main/examples/kind/pod.yaml -n wasm-demo
      - task: show-ingress
      - curl wasm-demo.127.0.0.1.nip.io

  kind-use-context:
    desc: set context to kind
    cmds:
      - kubectl config use-context kind-kind

  kind-export-kubeconfig:
    desc: Export kubeconfig
    cmds:
      - kind export kubeconfig
  
  kind-destroy-cluster:
    desc: Destroys the cluster
    prompt: Are you sure to delete the cluster ?
    cmds:
      - kind delete cluster
  
  kind-create-cluster:
    desc: Creates a kind cluster
    cmds: 
      - 'kind create cluster --config {{ .config }}'
      - kind export kubeconfig --kubeconfig ~/.kube/config
    ignore_error: true

  helm-repos:
    cmds:
      - helm repo add altinity-clickhouse-operator https://docs.altinity.com/clickhouse-operator
      - helm repo add argo-cd https://argoproj.github.io/argo-helm
      - helm repo add crossplane-stable https://charts.crossplane.io/stable
      - helm repo add ingress-nginx https://kubernetes.github.io/ingress-nginx
      - helm repo add isovalent https://helm.isovalent.com
      - helm repo add kwasm http://kwasm.sh/kwasm-operator/
      - helm repo add metrics-server https://kubernetes-sigs.github.io/metrics-server/
      - helm repo add minio https://operator.min.io/
      - helm repo add prometheus-community https://prometheus-community.github.io/helm-charts
      - helm repo update crossplane-stable argo-cd ingress-nginx isovalent kwasm metrics-server minio prometheus-community altinity-clickhouse-operator
    internal: true

  show-ingress:
    desc: print all ingress urls
    cmds:
      -  kubectl get ingress -A -o=jsonpath='{range .items[*]}http://{.spec.rules[0].host}{"\n"}{end}'

  show-secret:
    internal: true
    silent: true
    vars:
      PWD:
        sh: kubectl -n {{.namespace}} get secret {{.secret}} -o jsonpath='{{.property}}'
    cmds:
      - cmd: echo "{{.desc}}"
      - cmd: powershell '[System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String("{{.PWD}}"))'
        platforms: [windows]
      - cmd:  echo "{{.PWD}}" | base64 -d 
        platforms: [linux,darwin]